 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.2.2019.1265 |
| Kategorie: | Huawei EulerOS Local Security Checks |
| Titel: | Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1265) |
| Zusammenfassung: | The remote host is missing an update for the Huawei EulerOS 'php' package(s) announced via the EulerOS-SA-2019-1265 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the Huawei EulerOS 'php' package(s) announced via the EulerOS-SA-2019-1265 advisory. Vulnerability Insight: An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.(CVE-2019-9020) An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.(CVE-2019-9021) Affected Software/OS: 'php' package(s) on Huawei EulerOS Virtualization 2.5.3. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-9020 BugTraq ID: 107156 http://www.securityfocus.com/bid/107156 Debian Security Information: DSA-4398 (Google Search) https://www.debian.org/security/2019/dsa-4398 https://bugs.php.net/bug.php?id=77242 https://bugs.php.net/bug.php?id=77249 RedHat Security Advisories: RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:2519 RedHat Security Advisories: RHSA-2019:3299 https://access.redhat.com/errata/RHSA-2019:3299 SuSE Security Announcement: openSUSE-SU-2019:1256 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html SuSE Security Announcement: openSUSE-SU-2019:1293 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html SuSE Security Announcement: openSUSE-SU-2019:1572 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html SuSE Security Announcement: openSUSE-SU-2019:1573 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html https://usn.ubuntu.com/3902-1/ https://usn.ubuntu.com/3902-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-9021 BugTraq ID: 106747 http://www.securityfocus.com/bid/106747 https://bugs.php.net/bug.php?id=77247 |
| Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |